MAL-2026-4523

See a problem?

Import Source

https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/claude-channel-imessage/MAL-2026-4523.json

JSON Data

https://api.osv.dev/v1/vulns/MAL-2026-4523

Aliases

GHSA-6v88-cxrw-54h7

Published

2026-05-25T13:45:30Z

Modified

2026-05-27T13:46:42.867434Z

Summary

Malicious code in claude-channel-imessage (npm)

Details

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (9751c370c062cb40bccb874f46679ad3ca8ba9d3b49d0d8ba1f924d9582e53a3)

On npm install, postinstall.js executes whoami and id, reads os.hostname(), os.platform(), process.cwd(), and the CI, GITHUB_REPOSITORY, and NODE_ENV environment variables, then transmits them as querystring parameters over HTTPS to qys3a81jtkh128ob7n3nvg4fz651tvhk.oastify.com (a Burp Collaborator subdomain controlled by a third party). The script additionally performs a DNS lookup of <whoami>.qys3a81jtkh128ob7n3nvg4fz651tvhk.oastify.com, embedding the installer's local username into a DNS query to leak it over a covert channel that succeeds even when outbound HTTP is filtered. The package self-describes as a 'Security research canary' but the dual-channel beacon (HTTPS + DNS) to an attacker-controlled collaborator host fires unconditionally on every install, leaking internal CI identity, repository names, and host identifiers from any environment that installs the package.

Source: ghsa-malware (fe4ec1ec72a8fd89f2be48193cfff805671a974b95ac193d7ccac8e8897f0d99)

Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.

Database specific

{
    "malicious-packages-origins": [
        {
            "import_time": "2026-05-26T05:53:01.260357073Z",
            "sha256": "6801ca4be1ec4d182fd1b9b3b13ada7d768c2e07f1e03542e052a79ce870395e",
            "source": "amazon-inspector",
            "id": "IN-MAL-2026-004650",
            "modified_time": "2026-05-25T13:45:30Z",
            "versions": [
                "2.0.4"
            ]
        },
        {
            "import_time": "2026-05-26T05:53:01.149165219Z",
            "sha256": "9751c370c062cb40bccb874f46679ad3ca8ba9d3b49d0d8ba1f924d9582e53a3",
            "source": "amazon-inspector",
            "id": "IN-MAL-2026-004649",
            "modified_time": "2026-05-25T13:45:30Z",
            "versions": [
                "2.0.4"
            ]
        },
        {
            "import_time": "2026-05-27T13:34:11.949784695Z",
            "ranges": [
                {
                    "events": [
                        {
                            "introduced": "0"
                        }
                    ],
                    "type": "SEMVER"
                }
            ],
            "sha256": "fe4ec1ec72a8fd89f2be48193cfff805671a974b95ac193d7ccac8e8897f0d99",
            "id": "GHSA-6v88-cxrw-54h7",
            "source": "ghsa-malware",
            "modified_time": "2026-05-27T13:25:09Z"
        }
    ]
}

References

Credits

- Amazon Inspector - FINDER
- - actran@amazon.com

Affected packages

npm / claude-channel-imessage

Package

Name: claude-channel-imessage; View open source insights on deps.dev
Purl: pkg:npm/claude-channel-imessage

Affected ranges

Type: SEMVER
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.0.4

Database specific

cwes

[
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    },
    {
        "cweId": "CWE-506",
        "name": "Embedded Malicious Code",
        "description": "The product contains code that appears to be malicious in nature."
    }
]

indicators

{
    "package_integrity": [
        {
            "hashes": {
                "sha512_sri": "sha512-I63i9zmlvACdDF1pBgOtYEKM4YgcTokSNE3EdSWQotICtaOxzOn46FgCBGfoPoRxu8iMFQzBCtlCRp3IcmEzdg==",
                "sha1": "346f174f1c19289d88d509dd2ebe1fffd4cae568"
            },
            "filename": "claude-channel-imessage-2.0.4.tgz"
        }
    ],
    "evidence_files": [
        {
            "sha256": "e17b46ee7bfa1642627aa3c5e5d3ed563f3ae66220f07b370ece96fb77cbebd6",
            "tlsh": "af0141b023f4f7b098e25dd0a225dc077127e0103300b9e03dec9254ab8997449b5cec",
            "path": "postinstall.js"
        }
    ],
    "domains": [
        "qys3a81jtkh128ob7n3nvg4fz651tvhk.oastify.com",
        "scan.qys3a81jtkh128ob7n3nvg4fz651tvhk.oastify.com"
    ]
}

source

"https://github.com/ossf/malicious-packages/blob/main/osv/malicious/npm/claude-channel-imessage/MAL-2026-4523.json"